@arisunz Adding to this list, the org's public response to security vulnerabilities has been... not great, basically saying "We expect users to trust servers, and security research puts our funding at risk":
news.ycombinator.com/item?id=3